Maps of the digital lands

hand draw a diagram for one of the following scenarioss:

Drawing Contest Scenarios:

1 Computer Design Diagram

2 Stock Broker Firm

3 Web Design Studio Firm

4 Bank

5 Hospital

6 Retail

7 News Network

8 Freestyle

Scan for scenarios

---

Summaries

Scenario 1 Computer Design

As a contestant in this intriguing contest, your challenge is to delve into the fascinating world of classic computing and provide a clear, concise, and visually striking diagram of how these marvels of technology are wired together.

Scenario 1 Details

1. Components: Your diagram must include all primary components of the selected classic computer system. These components should, at a minimum, include the following:
   • Central Processing Unit (CPU)
   • Memory (RAM and ROM)
   • Storage Devices (Floppy Disk Drives, Hard Disk Drives, or Tape Drives)
   • Input/Output Devices (Keyboard, Mouse, Printer, Monitor)
   • Power Supply Unit (PSU)
   • Expansion Slots/Buses
   • Motherboard/Backplane
2. Connection: Your diagram should clearly illustrate how these components connect and communicate with each other. Make sure to indicate buses, connectors, and any proprietary interfaces involved.
3. Classic Computer: To make the task more interesting and rewarding, you'll receive extra points if you select a classic computer for this exercise. Potential options include the Amiga, the Z80-based systems, or the Altair 8800, but feel free to choose any other system that fascinates you.Remember, the more historically significant or obscure the computer, the more unique your diagram will be. For instance, you could choose to depict the Commodore 64, Apple II, or IBM PC, all of which played crucial roles in personal computing history. Alternatively, you could opt for something more obscure, like the Soviet Elektronika BK, for a real challenge.
4. Annotations: For clarity, include brief annotations for each component and connection, explaining their functions and why they were significant or innovative at the time. This not only helps judges understand your diagram but also illustrates your depth of understanding.
5. Presentation: Remember, presentation matters. Your diagram should be as visually appealing as it is informative. Use color coding, labels, and symbols effectively to make your diagram easy to understand at a glance.
6. Bonus Points: Demonstrate real-world usage of the computer system. For example, illustrate how a user would load and run a software program, or how data is transferred from storage to memory and then processed by the CPU.

---

Scenario 2 Gainzeses Stock Broker

Scenario 2 Details

In this scenario, you are tasked with visualizing the network setup of two separate offices of a stock brokerage firm. These offices are in different geographical locations and are connected via the internet provided by two different Internet Service Providers (ISPs). Both offices need to maintain a high level of data integrity and security due to the sensitive nature of the financial transactions and data they handle daily. Therefore, they should employ robust security measures like firewalls and a Site-to-Site VPN connection for safe inter-office communication. Here are the specific requirements:

1. Office Layouts: The network diagram should show two offices, each comprising multiple workstations.
2. ISPs: Each office has its own ISP for connectivity. Draw connections from each office to their respective ISP and then show an interconnection between the ISPs to demonstrate inter-office connectivity.
3. Firewall: To ensure secure inbound and outbound network traffic, depict firewalls for both offices. These should be located between the office networks and the ISPs.
4. Site-to-Site VPN: To secure inter-office communications, depict a site-to-site VPN connection established between the two office firewalls. This connection should be separate from the direct link between the ISPs.
5. Endpoints: Illustrate five endpoints (workstations) in each office. These are the devices used by the employees for their daily work and to access the company's resources.
6. Printers: Show at least one network printer in each office that all endpoints in the same office can access.
7. Domain Controller: Each office should have its own Domain Controller for handling security authentication requests within a Windows domain. Locate these logically in the diagram.
8. File Share: Indicate a central file sharing server in each office, accessible by all endpoints in the same office.
9. SAAS: The offices utilize a Software as a Service (SAAS) platform, either Office 365 for general office productivity or a specialized trading service platform. The endpoints should be able to access this service via the internet connection provided by the ISPs.

---

Scenario 3 1337 Web Design Studio

Scenario 3 Details

As an architect of the infrastructure of a bustling web design studio, you're responsible for creating an efficient and secure network that supports multiple operations. Your design needs to facilitate secure data flow, efficient storage and retrieval, and provide a reliable system for telepresence developers and marketing team.

1. Office Space: The office space is the central nervous system of your design studio. It is protected by a robust firewall, which serves as the first line of defense against potential threats. The firewall should be designed to control inbound and outbound traffic, with rules designed according to the principle of least privilege.
2. Identity Services: You are tasked with designing an efficient domain controller system that provides identity services. This domain controller system must be configured to manage user credentials and privileges to ensure that only authorized individuals can access the network.
3. Datacenter: Your studio is equipped with a state-of-the-art datacenter, with a scalable web stack hosted either in a colocation facility or on Amazon Web Services (AWS). The datacenter's design needs to showcase:
   Segmentation: The datacenter should be segmented to isolate different system components. Each segment should include a specific purpose or role and must be separated by security measures to limit potential security breaches.
   • Database Cluster: The design must include a robust database cluster to handle massive amounts of data efficiently.
   • Web Server Cluster: To ensure high availability and scalability, your design must include a web server cluster to serve the studio's websites.
   • Load Balancers: You should incorporate load balancers in your design to distribute network traffic evenly across the web server cluster, ensuring quick response times and avoiding server overloads.
   • Monitoring and Analytics Cluster: A section for monitoring and analytics is required to keep an eye on system performance and to gain insights for future improvements. Telepresence Developers: The design must accommodate telepresence developers.
4. Telepresence Developers: The design must accommodate telepresence developers. They require a network setup that allows them to securely and efficiently collaborate and access resources remotely.
5. Marketing Team: The marketing team has its specific requirements:
   • • Printers: The network diagram must include local and networked printers that are accessible only to authorized personnel.
   • • File Share: A secure and efficient file sharing system is required to enable team members to share and collaborate on documents and other files.
   • • SFTP Server in a DMZ: To ensure secure file transfers from external sources, a Secure File Transfer Protocol (SFTP) server should be placed in a Demilitarized Zone (DMZ). This area should be isolated from the main network for additional security.
   • • Digital Billboard: A digital billboard, controlled and updated via the network, is used to display marketing materials. The network must support this without compromising overall network security.
6. Another Domain Controller: To add redundancy and ensure high availability of the identity services, another domain controller is needed. This will also load balance the authentication requests.

---

Scenario 4 Defcon International Bank

Scenario 4 Details

You are to illustrate a complex yet comprehensive network structure for a fictional banking corporation, "FinTech Global Bank" (FGB), encompassing a central office, two branch offices, and two data centers (primary and disaster recovery).

1. Central Office:
   • Domain Controllers: Two redundant domain controllers, DC1 and DC2, are responsible for user authentication, group policy, DNS, and DHCP services.
   • Firewall with VPN: A sophisticated firewall system, integrated with a Virtual Private Network (VPN), ensures secure remote access. The firewall also helps prevent unauthorized access while monitoring and recording network traffic.
   • Redundant Network Connections: Two separate ISP connections provide redundancy to maintain network connectivity in case one ISP fails.
   • Loss Prevention: Loss Prevention software (LPS) is installed to help protect sensitive customer data and prevent data leaks.
   • Video Surveillance and Access Control Systems: A series of high-definition surveillance cameras are placed strategically throughout the office premises, all networked into a central monitoring station. The office also uses biometric access control systems for added security.
2. Bank Branches x2:
   • MPLS Network Connection: Each branch office connects to the central office through a secure MPLS (Multiprotocol Label Switching) network connection.
   • Branch WAN Routers: Branch WAN routers manage traffic between the branch office and the central office.
   • Core/Distribution Switch Stack: A stack of core and distribution switches helps manage network traffic within each branch.
   • Surveillance System: Similar to the central office, each branch office is equipped with a video surveillance system and IP-based alarm system.
   • Printers and Server Endpoints: Multiple printer devices and server endpoints are connected to the network for everyday business operations.
3. Data Centers x2 (Primary/DR):
   • Firewall and VPN connections: Similar to the central office, both data centers are equipped with firewalls and VPN connections for added security.
   • Databases: Each data center hosts a set of synchronized databases for handling customer data, transactions, and analytics.
   • AS400: Both data centers employ IBM AS/400 systems for application hosting, payroll processing, core banking functions, etc.
   • Microservice Architecture: A microservice architecture is implemented in both data centers to provide scalability and improve service availability.
   • External API EDI: A secure, segregated segment of the network hosts an API server. This server provides access to an external Electronic Data Interchange (EDI) system, allowing FGB to exchange transaction information with other banks and financial institutions.

---

Scenario 5 St Gods Memorial Hospital

Scenario Details:

Illustrate a dynamic and robust network architecture for a healthcare system, "St GODs Memorial Hospital", that consists of a central administrative office, a primary data center, multiple hospital facilities, numerous outpatient clinics, and a central medical equipment distribution center.

1. Central Administrative Office:
• Domain Controllers: Two main domain controllers, DC-A1 and DC-A2, which are responsible for user authentication, group policy, DNS, and DHCP services across the entire HMMG network.
• Firewall with VPN: A robust firewall system, integrated with a Virtual Private Network (VPN), ensures that remote access by employees and consultants is secure. The firewall also mitigates potential cyber threats and logs network activity.
• Redundant Network Connections: Two different ISP links provide failover and redundancy to maintain continuous connectivity.
• Patient Data Protection: Advanced Data Loss Prevention (DLP) software is installed to ensure that patient health information is never improperly accessed or leaked.
• Unified Communication System: A VOIP-based telephony system and video conferencing setup to facilitate communications between various entities within the HMMG system.
• Electronic Health Record (EHR) System: Centralized EHR servers that store, manage, and retrieve patient medical records digitally for the entire network.
Data Center:
• Firewall and VPN: An advanced firewall system with VPN ensures that all data flow to and from the data center is encrypted and secure.
• Databases: Central databases manage all patient-related data, staff schedules, medical billing, and more.
• Backup Systems: Regular backups are taken, with a system for both local and off-site storage to ensure data integrity and availability.
• Cloud Integration: Integration with cloud services for scalability, especially during peak loads and to manage backups.
• PACS (Picture Archiving and Communication System): For storing and accessing radiological images like X-rays, MRIs, and CT scans from across the facilities.
2. Hospitals (Multiple Units):
• Networked Medical Equipment: All modern medical diagnostic tools and equipment like MRI machines, ECGs, ventilators, etc., are network-connected for real-time data transfer and remote diagnostics.
• Wi-Fi for Patients and Staff: Secured networks for hospital operations and a separate one for patients and visitors.
• Emergency Response System: Networked alarms and communication tools to coordinate during emergencies.
• On-Premise Servers: Local servers in each hospital sync with the central EHR system for faster data access.
• Digital Signage and Information Boards: Displaying real-time information about bed availability, doctor schedules, etc.
3. Outpatient Clinics (Multiple Units):
• Telehealth Integration: For remote consultations, each clinic is equipped with a telehealth system that integrates with the central EHR.
• Networked Point-of-Care Equipment: Equipment such as blood pressure monitors and glucometers are connected for immediate data capture into the EHR.
• Payment and Billing Systems: Networked POS terminals and billing systems for patient fee processing.
• Digital Patient Check-in Systems: Kiosks or tablets for patient self-check-in and appointment management.
4. Distribution Center:
• Inventory Management System: Networked system to track medical supplies, medications, and equipment.
• Automated Replenishment: Integration with the hospitals and clinics for automated restocking based on real-time usage data.
• Security Systems: Surveillance and biometric access controls to ensure the security of medical stock.
• Transportation Management System: To schedule and track shipments to various facilities.

---

Scenario 6 HackToolz Retail

Scenario 6 Details

Illustrate an integrated and resilient network design for the fictional retail brand "HackToolz". This retail chain is focused on providing hacking hardware and software tools, necessitating a unique blend of e-commerce, brick-and-mortar operations, and PCI compliance for its payment systems.

1. Central Administrative Office:
• Domain Controllers: Two main domain controllers, DC-O1 and DC-O2, managing user authentication, group policy, DNS, and DHCP services for the entire corporate environment.
• Firewall and VPN: Advanced firewall setup with a VPN system to ensure secure remote access for traveling executives and IT personnel.
• Redundant Network Connections: Multiple ISPs provide failover and redundancy for uninterrupted connectivity.
• Marketing Department Infrastructure: High-performance workstations for graphic design and analytics, networked storage for marketing assets, and dedicated servers for marketing campaign management.
• PCI-Compliant Payment Gateway: Ensuring that all payment systems are compliant with the Payment Card Industry Data Security Standard (PCI DSS).
2. Retail Stores (3 Units):
• Point of Sale (POS) Systems: Networked POS systems in each store, which integrate with central payment systems while ensuring PCI compliance.
• Wi-Fi for Customers and Staff: Secure staff network and a separate network for customer promotions, both isolated from critical business operations.
• Surveillance Systems: IP-based security cameras and alarm systems networked back to the main office for centralized monitoring.
• Store Servers: Local servers in each store to manage inventory, employee schedules, and offer redundancy for POS data.
• Multi-ISP Setup: Each store has multiple ISP connections for redundancy and failover, ensuring uninterrupted sales operations.
3. Warehouse & Distribution Center:
• Inventory Management System: Advanced networked system to keep real-time track of stock levels, shipments, and returns.
• Automated Fulfilment System: Robotics and conveyor systems, network-connected for efficient order processing and dispatch.
• Transportation Management: Networked systems to coordinate deliveries, pickups, and route optimizations.
• Security & Surveillance: Comprehensive surveillance system networked for remote monitoring and biometric access controls for high-value storage areas.
4. Data Center:
• E-Commerce Infrastructure: Servers dedicated to hosting the HackToolz.com e-commerce platform, ensuring high availability, scalability, and secure online transactions.
• Firewall & Intrusion Prevention System (IPS): Given the nature of the products, advanced firewall systems and IPS are mandatory to fend off frequent cyber-attacks.
• Database Servers: Centralized databases for customer data, sales analytics, and product inventory, with regular backup regimes.
• Content Delivery Network (CDN) Integration: To ensure that the e-commerce platform loads swiftly for users worldwide, integration with a CDN is established.
• Cloud Integration: Some non-critical applications and backup systems are cloud-hosted for scalability and disaster recovery purposes.

---

Scenario 7 Defcon News Network (DNN)

Scenario 7 Details

Craft an intricate and efficient network diagram for "DEFCON News Networks (DNN)", an innovative and rapidly growing media organization that spans across the globe, delivering top-notch, real-time news content.

1. Main Office:
• Domain Controllers: Two primary domain controllers, DC-M1 and DC-M2, dedicated to user authentication, group policy enforcement, DNS resolution, and DHCP services, catering to the entire organizational network.
• Video Editing Suites: High-end workstations optimized for video editing and post-production. Networked for access to centralized storage, live feeds, and the internet.
• Firewall and VPN: A comprehensive firewall system with a VPN subsystem to grant secure remote access for correspondents, freelancers, and travelling staff.
• Redundant Network Connections: Multiple ISP links to guarantee failover and redundancy, ensuring the news always gets out, even if one connection drops.
• Unified Communications System: A dedicated setup for VOIP and video conferencing, crucial for internal meetings, press conferences, and interviews.
2. Storage System:
• Centralized Media Storage: High-capacity, high-speed network attached storage (NAS) devices for storing raw footage, edited segments, and archival content.
• Backup and Disaster Recovery: Regular backups to both on-site and off-site storage. Integration with cloud storage for archival and redundancy.
Media Management Software: Dedicated servers running media management software, assisting with metadata tagging, content retrieval, and distribution.
3. Satellite Network:
• Satellite Uplink/Downlink Stations: Infrastructure for beaming live feeds to and from remote locations, ensuring real-time news delivery.
• Encryption and Compression Devices: Hardware to encrypt sensitive transmissions and compress data to optimize bandwidth usage.
4. Remote Reporters:
• Mobile Broadcasting Kits: Portable devices that enable reporters to broadcast live from the field. These kits contain cameras, microphones, and satellite phones.
• Secure Communication Tools: Given the sensitive nature of journalism, reporters have encrypted communication tools, like secure smartphones and laptops.
• Cloud Integration: Reporters can upload their stories, photos, and videos directly to the cloud, which then syncs with the main office's storage system.
• VPN Access: Remote reporters have VPN tokens to securely access DNN's internal systems, ensuring they can access resources and communicate securely.

---